The following error is seen when apt-get update is run in a terminal window after the restart:

Reading package lists... Done
W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://extras.ubuntu.com maverick Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 16126D3A3E5C1192

I can reproduce this on the live system. The package "ubuntu-extras-keyring" is installed, but "sudo apt-key list" does not show the extras signing key. A "sudo apt-get install --reinstall ubuntu-extras-keyring" fixes the issue.

The problem is that livecd.sh creates a backup of the trusted.gpg file before installing ubuntu-desktop. Then adds the buildhosts keys and then restores the backup. This removes the changes from ubuntu-extras-keyring as well.

I upgraded my machine today from 10.04 to 10.10. And I got this bug, I cant do anything, and sudo apt-get --reinstall install ubuntu-extras-keyring dosent work for me, just gives the same error, invalid package, errors were encountered while processing
Ubuntu-keyring
Ubuntu-minimal
Ububntu-extras-keyring
Ubuntu-Desktop

extras.ubuntu.com seems to have changed key since this bug was first posted, and it no longer matches the one in ubuntu-extras-keyring (2010.09.27). I imported it manually using gpg --recv with the number given in the apt-get update error message. Now when I run apt-key list this key shows up as "Launchpad Application Review Board PPA".

I think the extras archive is using the wrong key for maverick. It should be using the one that's in the ubuntu-extras-keyring (Ubuntu Extras Archive Automatic Signing Key) instead of this one (Launchpad Application Review Board PPA).

Well, it's not that surprising that importing a missing key manually will fix warning messages about the missing key. :-)

Does this mean, ubuntu-extras-keyring will ship the singing key soon?

I dont know the procedures and details of "Ubuntu extras", but every archive/package signing key used in that repository should be shipped via the keyring package _before_ it is being used for signatures, aint it?